package fun.werfamily.wf.gateway.config;//package fun.werfamily.gateway.config;
//
//import org.springframework.context.annotation.Configuration;
//import org.springframework.core.annotation.Order;
//import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.builders.WebSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.config.http.SessionCreationPolicy;
//
///**
// * @Author: Mr.WenMing Zhang
// * @Date: 2022/07/28 15:05
// * @Description:
// **/
//@Configuration
//@EnableWebSecurity
//@EnableGlobalMethodSecurity(prePostEnabled = true)
//@Order(-1)
//public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http
//                //关闭csrf
//                .csrf().disable()
//                //不通过Session获取SecurityContext
//                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
//                .and()
//                .authorizeRequests()
//                // 对于登录接口 允许匿名访问
//                .antMatchers("/login/*").anonymous()
//                // 除上面外的所有请求全部需要鉴权认证
//                .anyRequest().authenticated();
//
//
////        // 由于使用的是JWT，我们这里不需要csrf
////        http.cors().
////                and().csrf().disable()
////                .authorizeRequests().requestMatchers(CorsUtils::isPreFlightRequest).permitAll().and()
////                .authorizeRequests().antMatchers("/user/**").permitAll().and()
////                .authorizeRequests().antMatchers("/logout/**").permitAll().and()
////                .authorizeRequests().antMatchers("/doc.html/**").permitAll().and()
////                .authorizeRequests().antMatchers("/pub-key/jwt.json").permitAll().and()
////                // 其余所有请求全部需要鉴权认证
////                .authorizeRequests().anyRequest().authenticated();
//    }
//
//    public void configure(WebSecurity webSecurity) throws Exception {
//        webSecurity.ignoring().antMatchers("/v2/api-docs", "/swagger-resources/configuration/ui",
//                "/swagger-resources","/swagger-resources/configuration/security",
//                "/swagger-ui.html","/css/**", "/js/**","/images/**", "/webjars/**", "**/favicon.ico", "/index");
//
//    }
//}
